Skip to content

You are reading 1 of 2 free-access articles allowed for 30 days

HSE to conduct review ahead of new EU data regulations

The GDPR is a piece of major EU regulation on data protection that comes into effect from May 2018.

An educational seminar at the recent IMO AGM in Galway heard the GDPR could have a significant impact on the work of hospitals and other medical institutions in terms of patient data protection.

“The eHealth Ireland team takes the security of information very seriously,” Mr Richard Corbridge, Chief Information Officer (CIO) at the HSE, told the Medical Independent (MI).

“GDPR is the next standard we must strive to attain; however, as each part of the digital fabric for health in Ireland is put in place we face new challenges, [and] each of them must be overcome.”

Mr Corbridge added that the HSE “has well-established IT security policies and we are in the process of updating these to bring them in line with the GDPR”.

A Data Protection Officer (DTO) for the HSE will be formally put in place shortly and a priority for this DTO will be to undertake a review of the HSE’s readiness for GDPR, added the HSE CIO.

Mr Corbridge said the Executive would undertake workshops to drive awareness of the GDPR and to test for compliance. GDPR obligations will be part of new employee induction training, as will information governance training and testing. Additionally, an information governance and certification programme has been established to increase awareness among HSE employees.

“Raising awareness among organisations and the public of the new law will be a combined effort of the Data Protection Commissioner (DPC), the Government, practitioners, and industry and professional representative bodies,” according to the website of the DPC.

“Over the course of 2017, the DPC will be proactively undertaking a wide range of initiatives to build awareness of the GDPR, in particular providing guidance to help organisations prepare for the new law, which comes into force on 25 May 2018.”

GDPR will replace the existing data protection framework under the EU Data Protection Directive.

Leave a Comment

You must be logged in to post a comment.

Scroll To Top